Suse Linux 10.0 does not find a Windows XP Professional Computerin a virtual private network

Hello,

I have two locations which are connected with two routers over the
internet. There is a vpn channel configured between the routers. The
configuration of vpn tunnel between is successfull and working.

Now my Suse Linux 10.0 at the one location is connected with a Windows
XP Pro client at the other location.

The routers are configured to accept NetBIOS-Dataflow over the
IPSec-tunnel. With other words: On the routers the NetBIOS-Dataflow in
the IPSec-tunnel is enabled.

I am able to ping all routers and all clients in the two network segments.

But the situation is: Im not able to find the windows xp pro client (I
was searching for the computername and the ip-adress) or the workgroup
of the windows xp pro client (MSHOMENETWORK)in the network enviroment.

Please tell me what should i configure, that both computers will find
each other in the network enviroment.

Thank you.

Regards,

Dirk Lehmann

Dirk Lehmann wrote:
> Hello,
>
> I have two locations which are connected with two routers over the
> internet. There is a vpn channel configured between the routers. The
> configuration of vpn tunnel between is successfull and working.

Not knowing a whole lot about these VPN tunnels:

Can you nmap <ipaddress> -p 139 the windows machine to see that the
sharing port is open?

Is the personal firewall turned off on the XP machine?

Do you use a WINS server, and if so, are both the Linux and Windows
machine configured to use it?

Does this VPN setup forward NetBIOS broadcasts over the VPN?

--
Justin Grote
Novell Support Connection Sysop
Network Architect
JWG Networks

A copy of an email that was sent to me:

Hello Justin,

today I send you the result of nmap:

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-05-04 21:20
CEST
Interesting ports on HP56852474523 (192.168.2.2):
PORT STATE SERVICE
139/tcp filtered netbios-ssn

Nmap finished: 1 IP address (1 host up) scanned in 11.086 seconds

Yes, the personal firewall is turned off at the XP machine.

I don?t use a WINS server and so both the Linux and Windows machine
isn?t configured to use it.

Yes, the VPN setup does forward NetBIOS broadcasts over the VPN.

I am not able to find the XP machine in the network browser. But that is
not important for me. I wan?t to access to the network shares on the XP
machine. How can i access without finding the workgroup and the machine
in the network browser?

Please help me to use my network shares on the XP machine. Thank you.

regards,

Dirk Lehmann



--
Justin Grote
Novell Support Connection Sysop
Network Architect
JWG Networks

Justin Grote [SysOp] schrieb:
> Dirk Lehmann wrote:
>> Hello,
>>
>> I have two locations which are connected with two routers over the
>> internet. There is a vpn channel configured between the routers. The
>> configuration of vpn tunnel between is successfull and working.
>
> Not knowing a whole lot about these VPN tunnels:
>
> Can you nmap <ipaddress> -p 139 the windows machine to see that the
> sharing port is open?
>
> Is the personal firewall turned off on the XP machine?
>
> Do you use a WINS server, and if so, are both the Linux and Windows
> machine configured to use it?
>
> Does this VPN setup forward NetBIOS broadcasts over the VPN?
>

Hello Justin,

today I send you the result of nmap:

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-05-04 21:20
CEST
Interesting ports on HP56852474523 (192.168.2.2):
PORT STATE SERVICE
139/tcp filtered netbios-ssn

Nmap finished: 1 IP address (1 host up) scanned in 11.086 seconds

Yes, the personal firewall is turned off at the XP machine.

I don?t use a WINS server and so both the Linux and Windows machine
isn?t configured to use it.

Yes, the VPN setup does forward NetBIOS broadcasts over the VPN.

I am not able to find the XP machine in the network browser. But that is
not important for me. I wan?t to access to the network shares on the XP
machine. How can i access without finding the workgroup and the machine
in the network browser?

Please help me to use my network shares on the XP machine. Thank you.

regards,

Dirk Lehmann

Justin Grote [SysOp] wrote:
> PORT STATE SERVICE
> 139/tcp filtered netbios-ssn

This suggests that something in the path between your XP machine and
your linux machine is filtering the file sharing packets. A state of
"closed" would mean that the port is accessible but the XP machine is
actively denying it.

Can you ping the XP machine from your Linux machine? If not, check your
firewall rules again until pings work again, then try again

Can you access the file shares on 192.168.2.2 using an XP machine at the
same site as your Linux machine across the VPN?

Still looks to me like a firewall issue.


--
Justin Grote
Novell Support Connection Sysop
Network Architect
JWG Networks

Justin Grote [SysOp] schrieb:
> Justin Grote [SysOp] wrote:
>> PORT STATE SERVICE
>> 139/tcp filtered netbios-ssn
>
> This suggests that something in the path between your XP machine and
> your linux machine is filtering the file sharing packets. A state of
> "closed" would mean that the port is accessible but the XP machine is
> actively denying it.
>
> Can you ping the XP machine from your Linux machine? If not, check your
> firewall rules again until pings work again, then try again
>
> Can you access the file shares on 192.168.2.2 using an XP machine at the
> same site as your Linux machine across the VPN?
>
> Still looks to me like a firewall issue.
>
>

Hello Justin,

to your first question: yes i can ping the 192.168.2.2 from my linux
machine.

To your second question: no, i can not access the file shares on
192.168.2.2 using a XP machine at the same site as my linux across vpn.
I tried it from the same site as my linux with a windows 2003 server but
unsuccessfull.

regards,

Dirk Lehmann

Dirk Lehmann wrote:
> To your second question: no, i can not access the file shares on
> 192.168.2.2 using a XP machine at the same site as my linux across vpn.
> I tried it from the same site as my linux with a windows 2003 server but
> unsuccessfull.

You probably want to troubleshoot this problem first then. Can you
access the device directly (bypassing netbios) with the following
navigation?:

\\192.168.2.2\share

If not, you may want to check that your sharing configuration is OK. The
fact that an NMAP showed filtered still suggests that your most likely
problem is something blocking 139 in between you and the machine,
whether that is an external firewall or the personal firewall on the XP
machine.

--
Justin Grote
Novell Support Connection Sysop
Network Architect
JWG Networks

Justin Grote [SysOp] schrieb:
> Dirk Lehmann wrote:
>> To your second question: no, i can not access the file shares on
>> 192.168.2.2 using a XP machine at the same site as my linux across
>> vpn. I tried it from the same site as my linux with a windows 2003
>> server but unsuccessfull.
>
> You probably want to troubleshoot this problem first then. Can you
> access the device directly (bypassing netbios) with the following
> navigation?:
>
> \\192.168.2.2\share
>
> If not, you may want to check that your sharing configuration is OK. The
> fact that an NMAP showed filtered still suggests that your most likely
> problem is something blocking 139 in between you and the machine,
> whether that is an external firewall or the personal firewall on the XP
> machine.
>

Hello Justin,

today I can not tell you if I can access the device directly.

But I think that my sharing configuration is OK.

Could you tell me what can block 139 between me and the machine? The
personal firewall in windows XP is disabled and the firewall in linux is
also disabled (configured for manual start). So on both routers are
working firewalls but they are configured to forward NetBIOS-traffic.

For further support could you please tell me how to access to a windows
share from a linux machine? Can you tell me the command I have to type
to the linux command prompt (I think it´s called bash). Please tell me.
Thank you.

regards,

Dirk Lehmann